Lucene search
K

13 matches found

Prion
Prion
added 2014/02/12 4:50 a.m.34 views

Design/Logic Flaw

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine whether it is safe to execute a method, which allows remote attackers to execute arbitrary code via 1 a crafted web site or 2 a crafted .NET Framework application that exposes a COM serve...

9.3CVSS7.9AI score0.69801EPSS
Exploits6References7Affected Software1
NVD
NVD
added 2013/07/10 3:46 a.m.34 views

CVE-2013-3171

The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework...

9.3CVSS7.4AI score0.206EPSS
Exploits0References3
Prion
Prion
added 2013/07/10 3:46 a.m.19 views

Design/Logic Flaw

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework application, aka "Anonymous Method...

9.3CVSS8.4AI score0.206EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2013/01/09 6:9 p.m.19 views

Information disclosure

The Windows Forms aka WinForms component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 4, and 4.5 does not properly initialize memory arrays, which allows remote attackers to obtain sensitive information via 1 a crafted XAML browser application XBAP or 2 a crafted .NET Framework...

4.3CVSS6.3AI score0.13553EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2013/01/09 6:0 p.m.118 views

CVE-2013-0001

CVE-2013-0001 concerns a vulnerability in the Windows Forms (WinForms) component of Microsoft .NET Framework (1.0 SP3–4.5). The root cause is improper initialization of memory arrays and use of a pointer to unmanaged memory, enabling information disclosure. Exploitation could occur via a crafted ...

4.3CVSS5.8AI score0.13553EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2012/05/09 12:55 a.m.25 views

Design/Logic Flaw

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5 SP1, 3.5.1, and 4 does not properly serialize input data, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP or 2 a crafted .NET Framework application, aka ".NET Framework...

9.3CVSS8AI score0.22889EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2012/02/14 10:55 p.m.26 views

Design/Logic Flaw

Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate the length of an unspecified buffer, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framework application, aka...

9.3CVSS8.1AI score0.23778EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2011/06/16 8:55 p.m.19 views

CVE-2011-0664

Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4 before 4.0.60531.0, does not properly validate arguments to unspecified networking API functions, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP...

9.3CVSS7.4AI score0.16006EPSS
Exploits1References2
CVE
CVE
added 2011/05/10 7:0 p.m.96 views

CVE-2011-1271

The CVE describes a JIT optimization flaw in Microsoft .NET Framework that mishandles null-string expressions, enabling context-dependent attackers to execute arbitrary code. Affected products/variants include .NET Framework 3.5 Gold/SP1 (and 3.5.1) and 4.0 when IsJITOptimizerDisabled is false. E...

7.7CVSS7AI score0.20096EPSS
Exploits2References3Affected Software1
Prion
Prion
added 2011/04/13 6:55 p.m.27 views

Memory corruption

The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framework...

9.3CVSS8.1AI score0.23593EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2009/10/14 10:30 a.m.30 views

CVE-2009-2504

Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Proje...

9.3CVSS7.8AI score0.20982EPSS
Exploits1References3
Prion
Prion
added 2009/10/14 10:30 a.m.23 views

Design/Logic Flaw

Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framewor...

9.3CVSS7.9AI score0.25811EPSS
Exploits2References3Affected Software3
Cvelist
Cvelist
added 2009/10/14 10:0 a.m.29 views

CVE-2009-0091

Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framewor...

7.2AI score0.25811EPSS
Exploits2References3
Rows per page
Query Builder